2021-03-08 16:49:10 +00:00
|
|
|
""" make sure only valid html gets to the app """
|
2020-05-10 02:48:30 +00:00
|
|
|
from django.test import TestCase
|
|
|
|
|
2020-09-21 15:10:37 +00:00
|
|
|
from bookwyrm.sanitize_html import InputHtmlParser
|
2020-05-10 02:48:30 +00:00
|
|
|
|
2021-03-08 16:49:10 +00:00
|
|
|
|
2020-05-10 02:48:30 +00:00
|
|
|
class Sanitizer(TestCase):
|
2021-03-08 16:49:10 +00:00
|
|
|
""" sanitizer tests """
|
|
|
|
|
2020-05-10 02:48:30 +00:00
|
|
|
def test_no_html(self):
|
2021-03-08 16:49:10 +00:00
|
|
|
""" just text """
|
|
|
|
input_text = "no html "
|
2020-05-10 02:48:30 +00:00
|
|
|
parser = InputHtmlParser()
|
|
|
|
parser.feed(input_text)
|
|
|
|
output = parser.get_output()
|
|
|
|
self.assertEqual(input_text, output)
|
|
|
|
|
|
|
|
def test_valid_html(self):
|
2021-03-08 16:49:10 +00:00
|
|
|
""" leave the html untouched """
|
|
|
|
input_text = "<b>yes </b> <i>html</i>"
|
2020-05-10 02:48:30 +00:00
|
|
|
parser = InputHtmlParser()
|
|
|
|
parser.feed(input_text)
|
|
|
|
output = parser.get_output()
|
|
|
|
self.assertEqual(input_text, output)
|
|
|
|
|
|
|
|
def test_valid_html_attrs(self):
|
2021-03-08 16:49:10 +00:00
|
|
|
""" and don't remove attributes """
|
2020-05-10 02:48:30 +00:00
|
|
|
input_text = '<a href="fish.com">yes </a> <i>html</i>'
|
|
|
|
parser = InputHtmlParser()
|
|
|
|
parser.feed(input_text)
|
|
|
|
output = parser.get_output()
|
|
|
|
self.assertEqual(input_text, output)
|
|
|
|
|
|
|
|
def test_invalid_html(self):
|
2021-03-08 16:49:10 +00:00
|
|
|
""" remove all html when the html is malformed """
|
|
|
|
input_text = "<b>yes <i>html</i>"
|
2020-05-10 02:48:30 +00:00
|
|
|
parser = InputHtmlParser()
|
|
|
|
parser.feed(input_text)
|
|
|
|
output = parser.get_output()
|
2021-03-08 16:49:10 +00:00
|
|
|
self.assertEqual("yes html", output)
|
2020-05-10 02:48:30 +00:00
|
|
|
|
2021-03-08 16:49:10 +00:00
|
|
|
input_text = "yes <i></b>html </i>"
|
2020-05-10 02:48:30 +00:00
|
|
|
parser = InputHtmlParser()
|
|
|
|
parser.feed(input_text)
|
|
|
|
output = parser.get_output()
|
2021-03-08 16:49:10 +00:00
|
|
|
self.assertEqual("yes html ", output)
|
2020-05-10 02:48:30 +00:00
|
|
|
|
|
|
|
def test_disallowed_html(self):
|
2021-03-08 16:49:10 +00:00
|
|
|
""" remove disallowed html but keep allowed html """
|
|
|
|
input_text = "<div> yes <i>html</i></div>"
|
2020-05-10 02:48:30 +00:00
|
|
|
parser = InputHtmlParser()
|
|
|
|
parser.feed(input_text)
|
|
|
|
output = parser.get_output()
|
2021-03-08 16:49:10 +00:00
|
|
|
self.assertEqual(" yes <i>html</i>", output)
|